@bsb/config-vault 0.0.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +49 -0
- package/bsb-plugin.json +40 -0
- package/lib/index.d.ts +2 -0
- package/lib/index.d.ts.map +1 -0
- package/lib/index.js +2 -0
- package/lib/index.js.map +1 -0
- package/lib/plugins/config-vault/index.d.ts +39 -0
- package/lib/plugins/config-vault/index.d.ts.map +1 -0
- package/lib/plugins/config-vault/index.js +175 -0
- package/lib/plugins/config-vault/index.js.map +1 -0
- package/lib/plugins/service-config-vault/crypto.d.ts +17 -0
- package/lib/plugins/service-config-vault/crypto.d.ts.map +1 -0
- package/lib/plugins/service-config-vault/crypto.js +76 -0
- package/lib/plugins/service-config-vault/crypto.js.map +1 -0
- package/lib/plugins/service-config-vault/http-server.d.ts +20 -0
- package/lib/plugins/service-config-vault/http-server.d.ts.map +1 -0
- package/lib/plugins/service-config-vault/http-server.js +272 -0
- package/lib/plugins/service-config-vault/http-server.js.map +1 -0
- package/lib/plugins/service-config-vault/index.d.ts +82 -0
- package/lib/plugins/service-config-vault/index.d.ts.map +1 -0
- package/lib/plugins/service-config-vault/index.js +95 -0
- package/lib/plugins/service-config-vault/index.js.map +1 -0
- package/lib/plugins/service-config-vault/passkeys.d.ts +9 -0
- package/lib/plugins/service-config-vault/passkeys.d.ts.map +1 -0
- package/lib/plugins/service-config-vault/passkeys.js +12 -0
- package/lib/plugins/service-config-vault/passkeys.js.map +1 -0
- package/lib/plugins/service-config-vault/store.d.ts +42 -0
- package/lib/plugins/service-config-vault/store.d.ts.map +1 -0
- package/lib/plugins/service-config-vault/store.js +396 -0
- package/lib/plugins/service-config-vault/store.js.map +1 -0
- package/lib/plugins/service-config-vault/types.d.ts +127 -0
- package/lib/plugins/service-config-vault/types.d.ts.map +1 -0
- package/lib/plugins/service-config-vault/types.js +2 -0
- package/lib/plugins/service-config-vault/types.js.map +1 -0
- package/lib/plugins/service-config-vault/vault.d.ts +52 -0
- package/lib/plugins/service-config-vault/vault.d.ts.map +1 -0
- package/lib/plugins/service-config-vault/vault.js +243 -0
- package/lib/plugins/service-config-vault/vault.js.map +1 -0
- package/lib/schemas/config-vault.json +73 -0
- package/lib/schemas/config-vault.plugin.json +82 -0
- package/lib/schemas/service-config-vault.json +146 -0
- package/lib/schemas/service-config-vault.plugin.json +93 -0
- package/package.json +52 -0
|
@@ -0,0 +1,272 @@
|
|
|
1
|
+
import { createServer } from 'node:http';
|
|
2
|
+
import { createApp, defineEventHandler, deleteCookie, getCookie, getHeader, getMethod, getQuery, readBody, sendRedirect, setCookie, setResponseStatus, toNodeListener, } from 'h3';
|
|
3
|
+
export class VaultHttpServer {
|
|
4
|
+
options;
|
|
5
|
+
server;
|
|
6
|
+
constructor(options) {
|
|
7
|
+
this.options = options;
|
|
8
|
+
}
|
|
9
|
+
async start() {
|
|
10
|
+
const app = createApp();
|
|
11
|
+
app.use('/health', defineEventHandler(() => ({ status: 'ok' })));
|
|
12
|
+
app.use('/runtime/config', defineEventHandler(async (event) => {
|
|
13
|
+
const keyId = getHeader(event, 'x-vault-key-id') ?? '';
|
|
14
|
+
const secret = getHeader(event, 'x-vault-secret') ?? '';
|
|
15
|
+
const resolved = await this.options.vault.resolveRuntimeConfig(keyId, secret, this.options.obs);
|
|
16
|
+
return resolved;
|
|
17
|
+
}));
|
|
18
|
+
app.use('/setup', defineEventHandler(async (event) => {
|
|
19
|
+
if (getMethod(event) === 'GET')
|
|
20
|
+
return this.page('Vault Setup', setupForm());
|
|
21
|
+
const body = await readBody(event);
|
|
22
|
+
await this.options.vault.createFirstAdmin({
|
|
23
|
+
setupCode: String(body.setupCode ?? ''),
|
|
24
|
+
email: String(body.email ?? ''),
|
|
25
|
+
password: String(body.password ?? ''),
|
|
26
|
+
totpCode: String(body.totpCode ?? ''),
|
|
27
|
+
passkeyCredential: parseJsonObject(body.passkeyCredential),
|
|
28
|
+
});
|
|
29
|
+
return sendRedirect(event, '/login');
|
|
30
|
+
}));
|
|
31
|
+
app.use('/login', defineEventHandler(async (event) => {
|
|
32
|
+
if (getMethod(event) === 'GET')
|
|
33
|
+
return this.page('Vault Login', loginForm());
|
|
34
|
+
const body = await readBody(event);
|
|
35
|
+
const session = await this.options.vault.login(String(body.email ?? ''), String(body.password ?? ''), String(body.totpCode ?? ''), parseJsonObject(body.passkeyCredential));
|
|
36
|
+
setCookie(event, 'vault_session', session.sessionId, {
|
|
37
|
+
httpOnly: true,
|
|
38
|
+
sameSite: 'lax',
|
|
39
|
+
secure: this.options.production,
|
|
40
|
+
path: '/',
|
|
41
|
+
});
|
|
42
|
+
setCookie(event, 'vault_csrf', session.csrfToken, {
|
|
43
|
+
sameSite: 'lax',
|
|
44
|
+
secure: this.options.production,
|
|
45
|
+
path: '/',
|
|
46
|
+
});
|
|
47
|
+
return sendRedirect(event, '/');
|
|
48
|
+
}));
|
|
49
|
+
app.use('/logout', defineEventHandler(async (event) => {
|
|
50
|
+
const sessionId = getCookie(event, 'vault_session');
|
|
51
|
+
if (sessionId)
|
|
52
|
+
await this.options.vault.logout(sessionId);
|
|
53
|
+
deleteCookie(event, 'vault_session', { path: '/' });
|
|
54
|
+
deleteCookie(event, 'vault_csrf', { path: '/' });
|
|
55
|
+
return sendRedirect(event, '/login');
|
|
56
|
+
}));
|
|
57
|
+
app.use('/api/applications', defineEventHandler(async (event) => {
|
|
58
|
+
const user = await this.requireUser(event);
|
|
59
|
+
const body = await readBody(event);
|
|
60
|
+
return this.options.vault.createApplication(user.userId, String(body.name ?? ''), stringOrUndefined(body.description));
|
|
61
|
+
}));
|
|
62
|
+
app.use('/api/groups', defineEventHandler(async (event) => {
|
|
63
|
+
const user = await this.requireUser(event);
|
|
64
|
+
const body = await readBody(event);
|
|
65
|
+
return this.options.vault.createGroup(user.userId, String(body.applicationId ?? ''), String(body.name ?? ''));
|
|
66
|
+
}));
|
|
67
|
+
app.use('/api/profiles', defineEventHandler(async (event) => {
|
|
68
|
+
const user = await this.requireUser(event);
|
|
69
|
+
const body = await readBody(event);
|
|
70
|
+
return this.options.vault.createProfile(user.userId, String(body.groupId ?? ''), String(body.name ?? 'default'));
|
|
71
|
+
}));
|
|
72
|
+
app.use('/api/plugins', defineEventHandler(async (event) => {
|
|
73
|
+
const user = await this.requireUser(event);
|
|
74
|
+
const body = await readBody(event);
|
|
75
|
+
return this.options.vault.createPlugin(user.userId, {
|
|
76
|
+
org: String(body.org ?? '_'),
|
|
77
|
+
name: String(body.name ?? ''),
|
|
78
|
+
pluginId: String(body.pluginId ?? body.name ?? ''),
|
|
79
|
+
packageName: body.packageName === undefined ? null : String(body.packageName),
|
|
80
|
+
version: String(body.version ?? '0.0.0'),
|
|
81
|
+
kind: parseKind(body.kind),
|
|
82
|
+
source: parseSource(body.source),
|
|
83
|
+
configSchema: parseJsonObject(body.configSchema) ?? null,
|
|
84
|
+
eventSchema: parseJsonObject(body.eventSchema) ?? null,
|
|
85
|
+
});
|
|
86
|
+
}));
|
|
87
|
+
app.use('/api/drafts', defineEventHandler(async (event) => {
|
|
88
|
+
const user = await this.requireUser(event);
|
|
89
|
+
const body = await readBody(event);
|
|
90
|
+
const config = parseJsonObject(body.config);
|
|
91
|
+
if (!config)
|
|
92
|
+
throw new Error('Config must be a JSON object');
|
|
93
|
+
await this.options.vault.saveDraft(user.userId, String(body.profileId ?? ''), config);
|
|
94
|
+
return { success: true };
|
|
95
|
+
}));
|
|
96
|
+
app.use('/api/publish', defineEventHandler(async (event) => {
|
|
97
|
+
const user = await this.requireUser(event);
|
|
98
|
+
const body = await readBody(event);
|
|
99
|
+
return this.options.vault.publishDraft(user.userId, String(body.profileId ?? ''));
|
|
100
|
+
}));
|
|
101
|
+
app.use('/api/runtime-keys', defineEventHandler(async (event) => {
|
|
102
|
+
const user = await this.requireUser(event);
|
|
103
|
+
const body = await readBody(event);
|
|
104
|
+
return this.options.vault.createRuntimeKey(user.userId, {
|
|
105
|
+
name: String(body.name ?? ''),
|
|
106
|
+
applicationId: String(body.applicationId ?? ''),
|
|
107
|
+
groupId: String(body.groupId ?? ''),
|
|
108
|
+
profileId: String(body.profileId ?? ''),
|
|
109
|
+
containerName: body.containerName === undefined ? null : String(body.containerName),
|
|
110
|
+
configPluginId: String(body.configPluginId ?? 'config-vault'),
|
|
111
|
+
});
|
|
112
|
+
}));
|
|
113
|
+
app.use('/', defineEventHandler(async (event) => {
|
|
114
|
+
if (await this.options.vault.setupRequired())
|
|
115
|
+
return sendRedirect(event, '/setup');
|
|
116
|
+
const session = getCookie(event, 'vault_session');
|
|
117
|
+
if (!session)
|
|
118
|
+
return sendRedirect(event, '/login');
|
|
119
|
+
await this.options.vault.requireSession(session);
|
|
120
|
+
const query = getQuery(event);
|
|
121
|
+
const dashboard = await this.options.vault.dashboard();
|
|
122
|
+
return this.page('Vault', dashboardPage(dashboard, String(query.secret ?? '')));
|
|
123
|
+
}));
|
|
124
|
+
app.use(defineEventHandler((event) => {
|
|
125
|
+
setResponseStatus(event, 404);
|
|
126
|
+
return this.page('Not Found', '<p>Not found.</p>');
|
|
127
|
+
}));
|
|
128
|
+
this.server = createServer(toNodeListener(app));
|
|
129
|
+
await new Promise((resolve) => {
|
|
130
|
+
this.server?.listen(this.options.port, this.options.host, resolve);
|
|
131
|
+
});
|
|
132
|
+
}
|
|
133
|
+
async stop() {
|
|
134
|
+
await new Promise((resolve, reject) => {
|
|
135
|
+
if (!this.server) {
|
|
136
|
+
resolve();
|
|
137
|
+
return;
|
|
138
|
+
}
|
|
139
|
+
this.server.close((error) => error ? reject(error) : resolve());
|
|
140
|
+
});
|
|
141
|
+
}
|
|
142
|
+
async requireUser(event) {
|
|
143
|
+
const session = await this.options.vault.requireSession(getCookie(event, 'vault_session'));
|
|
144
|
+
const headerCsrf = getHeader(event, 'x-csrf-token');
|
|
145
|
+
const cookieCsrf = getCookie(event, 'vault_csrf');
|
|
146
|
+
if (headerCsrf !== session.csrfToken && cookieCsrf !== session.csrfToken) {
|
|
147
|
+
throw new Error('Invalid CSRF token');
|
|
148
|
+
}
|
|
149
|
+
return session;
|
|
150
|
+
}
|
|
151
|
+
page(title, body) {
|
|
152
|
+
return html(title, body);
|
|
153
|
+
}
|
|
154
|
+
}
|
|
155
|
+
function html(title, body) {
|
|
156
|
+
return `<!doctype html>
|
|
157
|
+
<html lang="en">
|
|
158
|
+
<head>
|
|
159
|
+
<meta charset="utf-8">
|
|
160
|
+
<meta name="viewport" content="width=device-width,initial-scale=1">
|
|
161
|
+
<title>${escapeHtml(title)}</title>
|
|
162
|
+
<style>
|
|
163
|
+
body{font-family:system-ui,-apple-system,Segoe UI,sans-serif;margin:0;background:#f7f8fa;color:#15181c}
|
|
164
|
+
header{background:#15181c;color:#fff;padding:16px 24px;display:flex;justify-content:space-between;align-items:center}
|
|
165
|
+
main{max-width:1180px;margin:0 auto;padding:24px}
|
|
166
|
+
section{background:#fff;border:1px solid #d9dde3;border-radius:8px;padding:16px;margin:0 0 16px}
|
|
167
|
+
input,textarea,select{display:block;width:100%;box-sizing:border-box;margin:6px 0 12px;padding:9px;border:1px solid #b9c0ca;border-radius:6px;font:inherit}
|
|
168
|
+
textarea{min-height:140px;font-family:ui-monospace,Consolas,monospace}
|
|
169
|
+
button{background:#1267d8;color:#fff;border:0;border-radius:6px;padding:9px 12px;font:inherit;cursor:pointer}
|
|
170
|
+
table{width:100%;border-collapse:collapse}td,th{border-bottom:1px solid #e3e6eb;text-align:left;padding:8px}
|
|
171
|
+
.grid{display:grid;grid-template-columns:repeat(auto-fit,minmax(260px,1fr));gap:16px}
|
|
172
|
+
.muted{color:#5b6470}.danger{color:#a40000}
|
|
173
|
+
</style>
|
|
174
|
+
</head>
|
|
175
|
+
<body>
|
|
176
|
+
<header><strong>Vault</strong><a href="/logout" style="color:#fff">Logout</a></header>
|
|
177
|
+
<main>${body}</main>
|
|
178
|
+
</body>
|
|
179
|
+
</html>`;
|
|
180
|
+
}
|
|
181
|
+
function setupForm() {
|
|
182
|
+
return `<section><h1>First Admin Setup</h1>
|
|
183
|
+
<p class="muted">Enter the one-time setup code printed in the service logs. Initial TOTP accepts <code>000000</code>; replace it after setup.</p>
|
|
184
|
+
<form method="post">
|
|
185
|
+
<input name="setupCode" placeholder="Setup code" required>
|
|
186
|
+
<input name="email" type="email" placeholder="Admin email" required>
|
|
187
|
+
<input name="password" type="password" placeholder="Password, 12+ chars" required>
|
|
188
|
+
<input name="totpCode" placeholder="TOTP code" required>
|
|
189
|
+
<textarea name="passkeyCredential" placeholder='Optional passkey JSON, e.g. {"id":"admin-device-1"}'></textarea>
|
|
190
|
+
<button>Create Admin</button>
|
|
191
|
+
</form>
|
|
192
|
+
</section>`;
|
|
193
|
+
}
|
|
194
|
+
function loginForm() {
|
|
195
|
+
return `<section><h1>Login</h1>
|
|
196
|
+
<form method="post">
|
|
197
|
+
<input name="email" type="email" placeholder="Email" required>
|
|
198
|
+
<input name="password" type="password" placeholder="Password" required>
|
|
199
|
+
<input name="totpCode" placeholder="TOTP code" required>
|
|
200
|
+
<textarea name="passkeyCredential" placeholder='Passkey JSON, e.g. {"id":"admin-device-1"}'></textarea>
|
|
201
|
+
<button>Login</button>
|
|
202
|
+
</form>
|
|
203
|
+
</section>`;
|
|
204
|
+
}
|
|
205
|
+
function dashboardPage(data, secret) {
|
|
206
|
+
return `<div class="grid">
|
|
207
|
+
<section><h2>Applications</h2>${table(data.applications.map((x) => [x.name, x.description ?? '', x.id]))}
|
|
208
|
+
<h3>Create Application</h3>${apiForm('/api/applications', ['name', 'description'])}</section>
|
|
209
|
+
<section><h2>Plugin Catalog</h2>${table(data.plugins.map((x) => [x.pluginId, x.version, x.kind, x.source]))}
|
|
210
|
+
<h3>Create/Upload Plugin</h3>${pluginForm()}</section>
|
|
211
|
+
</div>
|
|
212
|
+
<section><h2>Profiles and Runtime</h2>
|
|
213
|
+
<p class="muted">Use the JSON API to create groups/profiles, save drafts, publish, and create runtime keys. CSRF token is available in the <code>vault_csrf</code> cookie.</p>
|
|
214
|
+
${secret ? `<p><strong>Runtime secret, shown once:</strong> <code>${escapeHtml(secret)}</code></p>` : ''}
|
|
215
|
+
<h3>Runtime Keys</h3>${table(data.runtimeKeys.map((x) => [x.name, x.id, x.profileId, x.containerName ?? '', x.revokedAt ?? 'active']))}
|
|
216
|
+
</section>
|
|
217
|
+
<section><h2>Draft Config JSON</h2>${apiForm('/api/drafts', ['profileId'], 'config')}</section>
|
|
218
|
+
<section><h2>Publish Draft</h2>${apiForm('/api/publish', ['profileId'])}</section>
|
|
219
|
+
<section><h2>Create Runtime Key</h2>${apiForm('/api/runtime-keys', ['name', 'applicationId', 'groupId', 'profileId', 'containerName', 'configPluginId'])}</section>`;
|
|
220
|
+
}
|
|
221
|
+
function apiForm(action, fields, textarea) {
|
|
222
|
+
return `<form data-api="${action}" onsubmit="return submitJson(this)">
|
|
223
|
+
${fields.map((field) => `<input name="${field}" placeholder="${field}" ${field === 'configPluginId' ? 'value="config-vault"' : ''}>`).join('')}
|
|
224
|
+
${textarea ? `<textarea name="${textarea}" placeholder="${textarea} JSON"></textarea>` : ''}
|
|
225
|
+
<button>Submit</button>
|
|
226
|
+
</form>
|
|
227
|
+
<script>
|
|
228
|
+
async function submitJson(form){
|
|
229
|
+
const data={}; for(const item of new FormData(form).entries()){data[item[0]]=item[1]}
|
|
230
|
+
const csrf=document.cookie.split('; ').find(x=>x.startsWith('vault_csrf='))?.split('=')[1]||'';
|
|
231
|
+
const res=await fetch(form.dataset.api,{method:'POST',headers:{'content-type':'application/json','x-csrf-token':csrf},body:JSON.stringify(data)});
|
|
232
|
+
alert(JSON.stringify(await res.json(),null,2)); location.reload(); return false;
|
|
233
|
+
}
|
|
234
|
+
</script>`;
|
|
235
|
+
}
|
|
236
|
+
function pluginForm() {
|
|
237
|
+
return apiForm('/api/plugins', ['org', 'name', 'pluginId', 'packageName', 'version', 'kind', 'source'], 'configSchema');
|
|
238
|
+
}
|
|
239
|
+
function table(rows) {
|
|
240
|
+
if (rows.length === 0)
|
|
241
|
+
return '<p class="muted">None</p>';
|
|
242
|
+
return `<table>${rows.map((row) => `<tr>${row.map((cell) => `<td>${escapeHtml(cell)}</td>`).join('')}</tr>`).join('')}</table>`;
|
|
243
|
+
}
|
|
244
|
+
function parseJsonObject(value) {
|
|
245
|
+
if (typeof value === 'object' && value !== null && !Array.isArray(value))
|
|
246
|
+
return value;
|
|
247
|
+
if (typeof value !== 'string' || value.trim() === '')
|
|
248
|
+
return undefined;
|
|
249
|
+
const parsed = JSON.parse(value);
|
|
250
|
+
if (typeof parsed !== 'object' || parsed === null || Array.isArray(parsed))
|
|
251
|
+
throw new Error('Expected JSON object');
|
|
252
|
+
return parsed;
|
|
253
|
+
}
|
|
254
|
+
function parseKind(value) {
|
|
255
|
+
return value === 'events' || value === 'observable' || value === 'config' ? value : 'service';
|
|
256
|
+
}
|
|
257
|
+
function parseSource(value) {
|
|
258
|
+
return value === 'registry' || value === 'upload' ? value : 'manual';
|
|
259
|
+
}
|
|
260
|
+
function stringOrUndefined(value) {
|
|
261
|
+
return typeof value === 'string' && value.length > 0 ? value : undefined;
|
|
262
|
+
}
|
|
263
|
+
function escapeHtml(value) {
|
|
264
|
+
return value.replace(/[&<>"']/g, (char) => ({
|
|
265
|
+
'&': '&',
|
|
266
|
+
'<': '<',
|
|
267
|
+
'>': '>',
|
|
268
|
+
'"': '"',
|
|
269
|
+
"'": ''',
|
|
270
|
+
}[char] ?? char));
|
|
271
|
+
}
|
|
272
|
+
//# sourceMappingURL=http-server.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"http-server.js","sourceRoot":"","sources":["../../../src/plugins/service-config-vault/http-server.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,YAAY,EAAe,MAAM,WAAW,CAAC;AACtD,OAAO,EACL,SAAS,EACT,kBAAkB,EAClB,YAAY,EACZ,SAAS,EACT,SAAS,EACT,SAAS,EACT,QAAQ,EACR,QAAQ,EACR,YAAY,EACZ,SAAS,EAET,iBAAiB,EACjB,cAAc,GACf,MAAM,IAAI,CAAC;AAcZ,MAAM,OAAO,eAAe;IACT,OAAO,CAAmB;IACnC,MAAM,CAAU;IAExB,YAAY,OAAyB;QACnC,IAAI,CAAC,OAAO,GAAG,OAAO,CAAC;IACzB,CAAC;IAED,KAAK,CAAC,KAAK;QACT,MAAM,GAAG,GAAG,SAAS,EAAE,CAAC;QAExB,GAAG,CAAC,GAAG,CAAC,SAAS,EAAE,kBAAkB,CAAC,GAAG,EAAE,CAAC,CAAC,EAAE,MAAM,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;QAEjE,GAAG,CAAC,GAAG,CAAC,iBAAiB,EAAE,kBAAkB,CAAC,KAAK,EAAE,KAAK,EAAE,EAAE;YAC5D,MAAM,KAAK,GAAG,SAAS,CAAC,KAAK,EAAE,gBAAgB,CAAC,IAAI,EAAE,CAAC;YACvD,MAAM,MAAM,GAAG,SAAS,CAAC,KAAK,EAAE,gBAAgB,CAAC,IAAI,EAAE,CAAC;YACxD,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,KAAK,CAAC,oBAAoB,CAAC,KAAK,EAAE,MAAM,EAAE,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC;YAChG,OAAO,QAAQ,CAAC;QAClB,CAAC,CAAC,CAAC,CAAC;QAEJ,GAAG,CAAC,GAAG,CAAC,QAAQ,EAAE,kBAAkB,CAAC,KAAK,EAAE,KAAK,EAAE,EAAE;YACnD,IAAI,SAAS,CAAC,KAAK,CAAC,KAAK,KAAK;gBAAE,OAAO,IAAI,CAAC,IAAI,CAAC,aAAa,EAAE,SAAS,EAAE,CAAC,CAAC;YAC7E,MAAM,IAAI,GAAG,MAAM,QAAQ,CAA0B,KAAK,CAAC,CAAC;YAC5D,MAAM,IAAI,CAAC,OAAO,CAAC,KAAK,CAAC,gBAAgB,CAAC;gBACxC,SAAS,EAAE,MAAM,CAAC,IAAI,CAAC,SAAS,IAAI,EAAE,CAAC;gBACvC,KAAK,EAAE,MAAM,CAAC,IAAI,CAAC,KAAK,IAAI,EAAE,CAAC;gBAC/B,QAAQ,EAAE,MAAM,CAAC,IAAI,CAAC,QAAQ,IAAI,EAAE,CAAC;gBACrC,QAAQ,EAAE,MAAM,CAAC,IAAI,CAAC,QAAQ,IAAI,EAAE,CAAC;gBACrC,iBAAiB,EAAE,eAAe,CAAC,IAAI,CAAC,iBAAiB,CAAC;aAC3D,CAAC,CAAC;YACH,OAAO,YAAY,CAAC,KAAK,EAAE,QAAQ,CAAC,CAAC;QACvC,CAAC,CAAC,CAAC,CAAC;QAEJ,GAAG,CAAC,GAAG,CAAC,QAAQ,EAAE,kBAAkB,CAAC,KAAK,EAAE,KAAK,EAAE,EAAE;YACnD,IAAI,SAAS,CAAC,KAAK,CAAC,KAAK,KAAK;gBAAE,OAAO,IAAI,CAAC,IAAI,CAAC,aAAa,EAAE,SAAS,EAAE,CAAC,CAAC;YAC7E,MAAM,IAAI,GAAG,MAAM,QAAQ,CAA0B,KAAK,CAAC,CAAC;YAC5D,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,KAAK,CAAC,KAAK,CAC5C,MAAM,CAAC,IAAI,CAAC,KAAK,IAAI,EAAE,CAAC,EACxB,MAAM,CAAC,IAAI,CAAC,QAAQ,IAAI,EAAE,CAAC,EAC3B,MAAM,CAAC,IAAI,CAAC,QAAQ,IAAI,EAAE,CAAC,EAC3B,eAAe,CAAC,IAAI,CAAC,iBAAiB,CAAC,CACxC,CAAC;YACF,SAAS,CAAC,KAAK,EAAE,eAAe,EAAE,OAAO,CAAC,SAAS,EAAE;gBACnD,QAAQ,EAAE,IAAI;gBACd,QAAQ,EAAE,KAAK;gBACf,MAAM,EAAE,IAAI,CAAC,OAAO,CAAC,UAAU;gBAC/B,IAAI,EAAE,GAAG;aACV,CAAC,CAAC;YACH,SAAS,CAAC,KAAK,EAAE,YAAY,EAAE,OAAO,CAAC,SAAS,EAAE;gBAChD,QAAQ,EAAE,KAAK;gBACf,MAAM,EAAE,IAAI,CAAC,OAAO,CAAC,UAAU;gBAC/B,IAAI,EAAE,GAAG;aACV,CAAC,CAAC;YACH,OAAO,YAAY,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC;QAClC,CAAC,CAAC,CAAC,CAAC;QAEJ,GAAG,CAAC,GAAG,CAAC,SAAS,EAAE,kBAAkB,CAAC,KAAK,EAAE,KAAK,EAAE,EAAE;YACpD,MAAM,SAAS,GAAG,SAAS,CAAC,KAAK,EAAE,eAAe,CAAC,CAAC;YACpD,IAAI,SAAS;gBAAE,MAAM,IAAI,CAAC,OAAO,CAAC,KAAK,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC;YAC1D,YAAY,CAAC,KAAK,EAAE,eAAe,EAAE,EAAE,IAAI,EAAE,GAAG,EAAE,CAAC,CAAC;YACpD,YAAY,CAAC,KAAK,EAAE,YAAY,EAAE,EAAE,IAAI,EAAE,GAAG,EAAE,CAAC,CAAC;YACjD,OAAO,YAAY,CAAC,KAAK,EAAE,QAAQ,CAAC,CAAC;QACvC,CAAC,CAAC,CAAC,CAAC;QAEJ,GAAG,CAAC,GAAG,CAAC,mBAAmB,EAAE,kBAAkB,CAAC,KAAK,EAAE,KAAK,EAAE,EAAE;YAC9D,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,WAAW,CAAC,KAAK,CAAC,CAAC;YAC3C,MAAM,IAAI,GAAG,MAAM,QAAQ,CAA0B,KAAK,CAAC,CAAC;YAC5D,OAAO,IAAI,CAAC,OAAO,CAAC,KAAK,CAAC,iBAAiB,CAAC,IAAI,CAAC,MAAM,EAAE,MAAM,CAAC,IAAI,CAAC,IAAI,IAAI,EAAE,CAAC,EAAE,iBAAiB,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC,CAAC;QACzH,CAAC,CAAC,CAAC,CAAC;QAEJ,GAAG,CAAC,GAAG,CAAC,aAAa,EAAE,kBAAkB,CAAC,KAAK,EAAE,KAAK,EAAE,EAAE;YACxD,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,WAAW,CAAC,KAAK,CAAC,CAAC;YAC3C,MAAM,IAAI,GAAG,MAAM,QAAQ,CAA0B,KAAK,CAAC,CAAC;YAC5D,OAAO,IAAI,CAAC,OAAO,CAAC,KAAK,CAAC,WAAW,CAAC,IAAI,CAAC,MAAM,EAAE,MAAM,CAAC,IAAI,CAAC,aAAa,IAAI,EAAE,CAAC,EAAE,MAAM,CAAC,IAAI,CAAC,IAAI,IAAI,EAAE,CAAC,CAAC,CAAC;QAChH,CAAC,CAAC,CAAC,CAAC;QAEJ,GAAG,CAAC,GAAG,CAAC,eAAe,EAAE,kBAAkB,CAAC,KAAK,EAAE,KAAK,EAAE,EAAE;YAC1D,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,WAAW,CAAC,KAAK,CAAC,CAAC;YAC3C,MAAM,IAAI,GAAG,MAAM,QAAQ,CAA0B,KAAK,CAAC,CAAC;YAC5D,OAAO,IAAI,CAAC,OAAO,CAAC,KAAK,CAAC,aAAa,CAAC,IAAI,CAAC,MAAM,EAAE,MAAM,CAAC,IAAI,CAAC,OAAO,IAAI,EAAE,CAAC,EAAE,MAAM,CAAC,IAAI,CAAC,IAAI,IAAI,SAAS,CAAC,CAAC,CAAC;QACnH,CAAC,CAAC,CAAC,CAAC;QAEJ,GAAG,CAAC,GAAG,CAAC,cAAc,EAAE,kBAAkB,CAAC,KAAK,EAAE,KAAK,EAAE,EAAE;YACzD,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,WAAW,CAAC,KAAK,CAAC,CAAC;YAC3C,MAAM,IAAI,GAAG,MAAM,QAAQ,CAA0B,KAAK,CAAC,CAAC;YAC5D,OAAO,IAAI,CAAC,OAAO,CAAC,KAAK,CAAC,YAAY,CAAC,IAAI,CAAC,MAAM,EAAE;gBAClD,GAAG,EAAE,MAAM,CAAC,IAAI,CAAC,GAAG,IAAI,GAAG,CAAC;gBAC5B,IAAI,EAAE,MAAM,CAAC,IAAI,CAAC,IAAI,IAAI,EAAE,CAAC;gBAC7B,QAAQ,EAAE,MAAM,CAAC,IAAI,CAAC,QAAQ,IAAI,IAAI,CAAC,IAAI,IAAI,EAAE,CAAC;gBAClD,WAAW,EAAE,IAAI,CAAC,WAAW,KAAK,SAAS,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,MAAM,CAAC,IAAI,CAAC,WAAW,CAAC;gBAC7E,OAAO,EAAE,MAAM,CAAC,IAAI,CAAC,OAAO,IAAI,OAAO,CAAC;gBACxC,IAAI,EAAE,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC;gBAC1B,MAAM,EAAE,WAAW,CAAC,IAAI,CAAC,MAAM,CAAC;gBAChC,YAAY,EAAE,eAAe,CAAC,IAAI,CAAC,YAAY,CAAC,IAAI,IAAI;gBACxD,WAAW,EAAE,eAAe,CAAC,IAAI,CAAC,WAAW,CAAC,IAAI,IAAI;aACvD,CAAC,CAAC;QACL,CAAC,CAAC,CAAC,CAAC;QAEJ,GAAG,CAAC,GAAG,CAAC,aAAa,EAAE,kBAAkB,CAAC,KAAK,EAAE,KAAK,EAAE,EAAE;YACxD,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,WAAW,CAAC,KAAK,CAAC,CAAC;YAC3C,MAAM,IAAI,GAAG,MAAM,QAAQ,CAA0B,KAAK,CAAC,CAAC;YAC5D,MAAM,MAAM,GAAG,eAAe,CAAC,IAAI,CAAC,MAAM,CAAmC,CAAC;YAC9E,IAAI,CAAC,MAAM;gBAAE,MAAM,IAAI,KAAK,CAAC,8BAA8B,CAAC,CAAC;YAC7D,MAAM,IAAI,CAAC,OAAO,CAAC,KAAK,CAAC,SAAS,CAAC,IAAI,CAAC,MAAM,EAAE,MAAM,CAAC,IAAI,CAAC,SAAS,IAAI,EAAE,CAAC,EAAE,MAAM,CAAC,CAAC;YACtF,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,CAAC;QAC3B,CAAC,CAAC,CAAC,CAAC;QAEJ,GAAG,CAAC,GAAG,CAAC,cAAc,EAAE,kBAAkB,CAAC,KAAK,EAAE,KAAK,EAAE,EAAE;YACzD,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,WAAW,CAAC,KAAK,CAAC,CAAC;YAC3C,MAAM,IAAI,GAAG,MAAM,QAAQ,CAA0B,KAAK,CAAC,CAAC;YAC5D,OAAO,IAAI,CAAC,OAAO,CAAC,KAAK,CAAC,YAAY,CAAC,IAAI,CAAC,MAAM,EAAE,MAAM,CAAC,IAAI,CAAC,SAAS,IAAI,EAAE,CAAC,CAAC,CAAC;QACpF,CAAC,CAAC,CAAC,CAAC;QAEJ,GAAG,CAAC,GAAG,CAAC,mBAAmB,EAAE,kBAAkB,CAAC,KAAK,EAAE,KAAK,EAAE,EAAE;YAC9D,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,WAAW,CAAC,KAAK,CAAC,CAAC;YAC3C,MAAM,IAAI,GAAG,MAAM,QAAQ,CAA0B,KAAK,CAAC,CAAC;YAC5D,OAAO,IAAI,CAAC,OAAO,CAAC,KAAK,CAAC,gBAAgB,CAAC,IAAI,CAAC,MAAM,EAAE;gBACtD,IAAI,EAAE,MAAM,CAAC,IAAI,CAAC,IAAI,IAAI,EAAE,CAAC;gBAC7B,aAAa,EAAE,MAAM,CAAC,IAAI,CAAC,aAAa,IAAI,EAAE,CAAC;gBAC/C,OAAO,EAAE,MAAM,CAAC,IAAI,CAAC,OAAO,IAAI,EAAE,CAAC;gBACnC,SAAS,EAAE,MAAM,CAAC,IAAI,CAAC,SAAS,IAAI,EAAE,CAAC;gBACvC,aAAa,EAAE,IAAI,CAAC,aAAa,KAAK,SAAS,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,MAAM,CAAC,IAAI,CAAC,aAAa,CAAC;gBACnF,cAAc,EAAE,MAAM,CAAC,IAAI,CAAC,cAAc,IAAI,cAAc,CAAC;aAC9D,CAAC,CAAC;QACL,CAAC,CAAC,CAAC,CAAC;QAEJ,GAAG,CAAC,GAAG,CAAC,GAAG,EAAE,kBAAkB,CAAC,KAAK,EAAE,KAAK,EAAE,EAAE;YAC9C,IAAI,MAAM,IAAI,CAAC,OAAO,CAAC,KAAK,CAAC,aAAa,EAAE;gBAAE,OAAO,YAAY,CAAC,KAAK,EAAE,QAAQ,CAAC,CAAC;YACnF,MAAM,OAAO,GAAG,SAAS,CAAC,KAAK,EAAE,eAAe,CAAC,CAAC;YAClD,IAAI,CAAC,OAAO;gBAAE,OAAO,YAAY,CAAC,KAAK,EAAE,QAAQ,CAAC,CAAC;YACnD,MAAM,IAAI,CAAC,OAAO,CAAC,KAAK,CAAC,cAAc,CAAC,OAAO,CAAC,CAAC;YACjD,MAAM,KAAK,GAAG,QAAQ,CAAC,KAAK,CAAC,CAAC;YAC9B,MAAM,SAAS,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,KAAK,CAAC,SAAS,EAAE,CAAC;YACvD,OAAO,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,aAAa,CAAC,SAAS,EAAE,MAAM,CAAC,KAAK,CAAC,MAAM,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;QAClF,CAAC,CAAC,CAAC,CAAC;QAEJ,GAAG,CAAC,GAAG,CAAC,kBAAkB,CAAC,CAAC,KAAK,EAAE,EAAE;YACnC,iBAAiB,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC;YAC9B,OAAO,IAAI,CAAC,IAAI,CAAC,WAAW,EAAE,mBAAmB,CAAC,CAAC;QACrD,CAAC,CAAC,CAAC,CAAC;QAEJ,IAAI,CAAC,MAAM,GAAG,YAAY,CAAC,cAAc,CAAC,GAAG,CAAC,CAAC,CAAC;QAChD,MAAM,IAAI,OAAO,CAAO,CAAC,OAAO,EAAE,EAAE;YAClC,IAAI,CAAC,MAAM,EAAE,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,IAAI,EAAE,IAAI,CAAC,OAAO,CAAC,IAAI,EAAE,OAAO,CAAC,CAAC;QACrE,CAAC,CAAC,CAAC;IACL,CAAC;IAED,KAAK,CAAC,IAAI;QACR,MAAM,IAAI,OAAO,CAAO,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;YAC1C,IAAI,CAAC,IAAI,CAAC,MAAM,EAAE,CAAC;gBACjB,OAAO,EAAE,CAAC;gBACV,OAAO;YACT,CAAC;YACD,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,KAAK,EAAE,EAAE,CAAC,KAAK,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,OAAO,EAAE,CAAC,CAAC;QAClE,CAAC,CAAC,CAAC;IACL,CAAC;IAEO,KAAK,CAAC,WAAW,CAAC,KAAsC;QAC9D,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,KAAK,CAAC,cAAc,CAAC,SAAS,CAAC,KAAK,EAAE,eAAe,CAAC,CAAC,CAAC;QAC3F,MAAM,UAAU,GAAG,SAAS,CAAC,KAAK,EAAE,cAAc,CAAC,CAAC;QACpD,MAAM,UAAU,GAAG,SAAS,CAAC,KAAK,EAAE,YAAY,CAAC,CAAC;QAClD,IAAI,UAAU,KAAK,OAAO,CAAC,SAAS,IAAI,UAAU,KAAK,OAAO,CAAC,SAAS,EAAE,CAAC;YACzE,MAAM,IAAI,KAAK,CAAC,oBAAoB,CAAC,CAAC;QACxC,CAAC;QACD,OAAO,OAAO,CAAC;IACjB,CAAC;IAEO,IAAI,CAAC,KAAa,EAAE,IAAY;QACtC,OAAO,IAAI,CAAC,KAAK,EAAE,IAAI,CAAC,CAAC;IAC3B,CAAC;CACF;AAED,SAAS,IAAI,CAAC,KAAa,EAAE,IAAY;IACvC,OAAO;;;;;WAKE,UAAU,CAAC,KAAK,CAAC;;;;;;;;;;;;;;;;UAgBlB,IAAI;;QAEN,CAAC;AACT,CAAC;AAED,SAAS,SAAS;IAChB,OAAO;;;;;;;;;;aAUI,CAAC;AACd,CAAC;AAED,SAAS,SAAS;IAChB,OAAO;;;;;;;;aAQI,CAAC;AACd,CAAC;AAED,SAAS,aAAa,CAAC,IAAoD,EAAE,MAAc;IACzF,OAAO;oCAC2B,KAAK,CAAC,IAAI,CAAC,YAAY,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC,WAAW,IAAI,EAAE,EAAE,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;mCACzE,OAAO,CAAC,mBAAmB,EAAE,CAAC,MAAM,EAAE,aAAa,CAAC,CAAC;sCAClD,KAAK,CAAC,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,QAAQ,EAAE,CAAC,CAAC,OAAO,EAAE,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC;qCAC1E,UAAU,EAAE;;;;MAI3C,MAAM,CAAC,CAAC,CAAC,yDAAyD,UAAU,CAAC,MAAM,CAAC,aAAa,CAAC,CAAC,CAAC,EAAE;2BACjF,KAAK,CAAC,IAAI,CAAC,WAAW,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,SAAS,EAAE,CAAC,CAAC,aAAa,IAAI,EAAE,EAAE,CAAC,CAAC,SAAS,IAAI,QAAQ,CAAC,CAAC,CAAC;;uCAEnG,OAAO,CAAC,aAAa,EAAE,CAAC,WAAW,CAAC,EAAE,QAAQ,CAAC;mCACnD,OAAO,CAAC,cAAc,EAAE,CAAC,WAAW,CAAC,CAAC;wCACjC,OAAO,CAAC,mBAAmB,EAAE,CAAC,MAAM,EAAE,eAAe,EAAE,SAAS,EAAE,WAAW,EAAE,eAAe,EAAE,gBAAgB,CAAC,CAAC,YAAY,CAAC;AACvK,CAAC;AAED,SAAS,OAAO,CAAC,MAAc,EAAE,MAAgB,EAAE,QAAiB;IAClE,OAAO,mBAAmB,MAAM;MAC5B,MAAM,CAAC,GAAG,CAAC,CAAC,KAAK,EAAE,EAAE,CAAC,gBAAgB,KAAK,kBAAkB,KAAK,KAAK,KAAK,KAAK,gBAAgB,CAAC,CAAC,CAAC,sBAAsB,CAAC,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC;MAC5I,QAAQ,CAAC,CAAC,CAAC,mBAAmB,QAAQ,kBAAkB,QAAQ,oBAAoB,CAAC,CAAC,CAAC,EAAE;;;;;;;;;;YAUnF,CAAC;AACb,CAAC;AAED,SAAS,UAAU;IACjB,OAAO,OAAO,CAAC,cAAc,EAAE,CAAC,KAAK,EAAE,MAAM,EAAE,UAAU,EAAE,aAAa,EAAE,SAAS,EAAE,MAAM,EAAE,QAAQ,CAAC,EAAE,cAAc,CAAC,CAAC;AAC1H,CAAC;AAED,SAAS,KAAK,CAAC,IAAgB;IAC7B,IAAI,IAAI,CAAC,MAAM,KAAK,CAAC;QAAE,OAAO,2BAA2B,CAAC;IAC1D,OAAO,UAAU,IAAI,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,OAAO,GAAG,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,OAAO,UAAU,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,OAAO,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC;AAClI,CAAC;AAED,SAAS,eAAe,CAAC,KAAc;IACrC,IAAI,OAAO,KAAK,KAAK,QAAQ,IAAI,KAAK,KAAK,IAAI,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC;QAAE,OAAO,KAAgC,CAAC;IAClH,IAAI,OAAO,KAAK,KAAK,QAAQ,IAAI,KAAK,CAAC,IAAI,EAAE,KAAK,EAAE;QAAE,OAAO,SAAS,CAAC;IACvE,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,KAAK,CAAY,CAAC;IAC5C,IAAI,OAAO,MAAM,KAAK,QAAQ,IAAI,MAAM,KAAK,IAAI,IAAI,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC;QAAE,MAAM,IAAI,KAAK,CAAC,sBAAsB,CAAC,CAAC;IACpH,OAAO,MAAiC,CAAC;AAC3C,CAAC;AAED,SAAS,SAAS,CAAC,KAAc;IAC/B,OAAO,KAAK,KAAK,QAAQ,IAAI,KAAK,KAAK,YAAY,IAAI,KAAK,KAAK,QAAQ,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,SAAS,CAAC;AAChG,CAAC;AAED,SAAS,WAAW,CAAC,KAAc;IACjC,OAAO,KAAK,KAAK,UAAU,IAAI,KAAK,KAAK,QAAQ,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,QAAQ,CAAC;AACvE,CAAC;AAED,SAAS,iBAAiB,CAAC,KAAc;IACvC,OAAO,OAAO,KAAK,KAAK,QAAQ,IAAI,KAAK,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,SAAS,CAAC;AAC3E,CAAC;AAED,SAAS,UAAU,CAAC,KAAa;IAC/B,OAAO,KAAK,CAAC,OAAO,CAAC,UAAU,EAAE,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC;QAC1C,GAAG,EAAE,OAAO;QACZ,GAAG,EAAE,MAAM;QACX,GAAG,EAAE,MAAM;QACX,GAAG,EAAE,QAAQ;QACb,GAAG,EAAE,OAAO;KACb,CAAC,IAAI,CAAC,IAAI,IAAI,CAAC,CAAC,CAAC;AACpB,CAAC"}
|
|
@@ -0,0 +1,82 @@
|
|
|
1
|
+
import * as av from 'anyvali';
|
|
2
|
+
import { BSBService, type BSBServiceConstructor, type Observable } from '@bsb/base';
|
|
3
|
+
export declare const VaultServiceConfigSchema: av.ObjectSchema<{
|
|
4
|
+
host: av.StringSchema;
|
|
5
|
+
port: av.Int32Schema;
|
|
6
|
+
publicUrl: av.StringSchema;
|
|
7
|
+
production: av.BoolSchema;
|
|
8
|
+
databaseUrl: av.StringSchema;
|
|
9
|
+
masterKey: av.StringSchema;
|
|
10
|
+
}>;
|
|
11
|
+
export type VaultServiceConfig = av.Infer<typeof VaultServiceConfigSchema>;
|
|
12
|
+
export declare const EventSchemas: {
|
|
13
|
+
readonly onReturnableEvents: {
|
|
14
|
+
readonly 'vault.runtime.resolve': {
|
|
15
|
+
input: av.ObjectSchema<{
|
|
16
|
+
keyId: av.StringSchema;
|
|
17
|
+
secret: av.StringSchema;
|
|
18
|
+
}>;
|
|
19
|
+
output: av.ObjectSchema<{
|
|
20
|
+
application: av.StringSchema;
|
|
21
|
+
group: av.StringSchema;
|
|
22
|
+
profile: av.StringSchema;
|
|
23
|
+
version: import("@bsb/base").BSBType;
|
|
24
|
+
config: av.UnknownSchema;
|
|
25
|
+
}>;
|
|
26
|
+
description?: string;
|
|
27
|
+
defaultTimeout?: number;
|
|
28
|
+
readonly __brand: "returnable";
|
|
29
|
+
};
|
|
30
|
+
};
|
|
31
|
+
};
|
|
32
|
+
export declare const Config: import("@bsb/base").BSBPluginConfigClass<av.ObjectSchema<{
|
|
33
|
+
host: av.StringSchema;
|
|
34
|
+
port: av.Int32Schema;
|
|
35
|
+
publicUrl: av.StringSchema;
|
|
36
|
+
production: av.BoolSchema;
|
|
37
|
+
databaseUrl: av.StringSchema;
|
|
38
|
+
masterKey: av.StringSchema;
|
|
39
|
+
}>>;
|
|
40
|
+
export declare class Plugin extends BSBService<InstanceType<typeof Config>, typeof EventSchemas> {
|
|
41
|
+
static Config: import("@bsb/base").BSBPluginConfigClass<av.ObjectSchema<{
|
|
42
|
+
host: av.StringSchema;
|
|
43
|
+
port: av.Int32Schema;
|
|
44
|
+
publicUrl: av.StringSchema;
|
|
45
|
+
production: av.BoolSchema;
|
|
46
|
+
databaseUrl: av.StringSchema;
|
|
47
|
+
masterKey: av.StringSchema;
|
|
48
|
+
}>>;
|
|
49
|
+
static EventSchemas: {
|
|
50
|
+
readonly onReturnableEvents: {
|
|
51
|
+
readonly 'vault.runtime.resolve': {
|
|
52
|
+
input: av.ObjectSchema<{
|
|
53
|
+
keyId: av.StringSchema;
|
|
54
|
+
secret: av.StringSchema;
|
|
55
|
+
}>;
|
|
56
|
+
output: av.ObjectSchema<{
|
|
57
|
+
application: av.StringSchema;
|
|
58
|
+
group: av.StringSchema;
|
|
59
|
+
profile: av.StringSchema;
|
|
60
|
+
version: import("@bsb/base").BSBType;
|
|
61
|
+
config: av.UnknownSchema;
|
|
62
|
+
}>;
|
|
63
|
+
description?: string;
|
|
64
|
+
defaultTimeout?: number;
|
|
65
|
+
readonly __brand: "returnable";
|
|
66
|
+
};
|
|
67
|
+
};
|
|
68
|
+
};
|
|
69
|
+
readonly initBeforePlugins?: string[] | undefined;
|
|
70
|
+
readonly initAfterPlugins?: string[] | undefined;
|
|
71
|
+
readonly runBeforePlugins?: string[] | undefined;
|
|
72
|
+
readonly runAfterPlugins?: string[] | undefined;
|
|
73
|
+
private readonly setupCode;
|
|
74
|
+
private readonly store;
|
|
75
|
+
private readonly vault;
|
|
76
|
+
private httpServer?;
|
|
77
|
+
constructor(config: BSBServiceConstructor<InstanceType<typeof Config>, typeof EventSchemas>);
|
|
78
|
+
init(obs: Observable): Promise<void>;
|
|
79
|
+
run(obs: Observable): Promise<void>;
|
|
80
|
+
dispose(): Promise<void>;
|
|
81
|
+
}
|
|
82
|
+
//# sourceMappingURL=index.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/plugins/service-config-vault/index.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,MAAM,SAAS,CAAC;AAC9B,OAAO,EACL,UAAU,EACV,KAAK,qBAAqB,EAC1B,KAAK,UAAU,EAKhB,MAAM,WAAW,CAAC;AAMnB,eAAO,MAAM,wBAAwB;;;;;;;EAOK,CAAC;AAE3C,MAAM,MAAM,kBAAkB,GAAG,EAAE,CAAC,KAAK,CAAC,OAAO,wBAAwB,CAAC,CAAC;AAU3E,eAAO,MAAM,YAAY;;;;;;;;;;;;;;;;;;;CAWvB,CAAC;AAEH,eAAO,MAAM,MAAM;;;;;;;GASlB,CAAC;AAEF,qBAAa,MAAO,SAAQ,UAAU,CAAC,YAAY,CAAC,OAAO,MAAM,CAAC,EAAE,OAAO,YAAY,CAAC;IACtF,MAAM,CAAC,MAAM;;;;;;;QAAU;IACvB,MAAM,CAAC,YAAY;;;;;;;;;;;;;;;;;;;MAAgB;IAEnC,SAAgB,iBAAiB,CAAC,EAAE,MAAM,EAAE,GAAG,SAAS,CAAC;IACzD,SAAgB,gBAAgB,CAAC,EAAE,MAAM,EAAE,GAAG,SAAS,CAAC;IACxD,SAAgB,gBAAgB,CAAC,EAAE,MAAM,EAAE,GAAG,SAAS,CAAC;IACxD,SAAgB,eAAe,CAAC,EAAE,MAAM,EAAE,GAAG,SAAS,CAAC;IAEvD,OAAO,CAAC,QAAQ,CAAC,SAAS,CAAS;IACnC,OAAO,CAAC,QAAQ,CAAC,KAAK,CAAa;IACnC,OAAO,CAAC,QAAQ,CAAC,KAAK,CAAe;IACrC,OAAO,CAAC,UAAU,CAAC,CAAkB;gBAEzB,MAAM,EAAE,qBAAqB,CAAC,YAAY,CAAC,OAAO,MAAM,CAAC,EAAE,OAAO,YAAY,CAAC;IAerF,IAAI,CAAC,GAAG,EAAE,UAAU,GAAG,OAAO,CAAC,IAAI,CAAC;IAqBpC,GAAG,CAAC,GAAG,EAAE,UAAU,GAAG,OAAO,CAAC,IAAI,CAAC;IASnC,OAAO,IAAI,OAAO,CAAC,IAAI,CAAC;CAI/B"}
|
|
@@ -0,0 +1,95 @@
|
|
|
1
|
+
import * as av from 'anyvali';
|
|
2
|
+
import { BSBService, bsb, createConfigSchema, createEventSchemas, createReturnableEvent, } from '@bsb/base';
|
|
3
|
+
import { loadMasterKey, newToken } from './crypto.js';
|
|
4
|
+
import { VaultHttpServer } from './http-server.js';
|
|
5
|
+
import { VaultStore } from './store.js';
|
|
6
|
+
import { VaultService } from './vault.js';
|
|
7
|
+
export const VaultServiceConfigSchema = av.object({
|
|
8
|
+
host: av.string().default('0.0.0.0').describe('HTTP bind host'),
|
|
9
|
+
port: av.int32().min(1).max(65535).default(8080).describe('HTTP port for Vault admin UI and API'),
|
|
10
|
+
publicUrl: av.string().default('http://localhost:8080').describe('External URL used for admin and passkey flows'),
|
|
11
|
+
production: av.bool().default(false).describe('Enable production cookie/security checks'),
|
|
12
|
+
databaseUrl: av.string().minLength(1).describe('Postgres connection string'),
|
|
13
|
+
masterKey: av.string().minLength(1).describe('Base64 encoded 32-byte Vault master key'),
|
|
14
|
+
}).describe('Vault service configuration');
|
|
15
|
+
const RuntimeConfigResponse = bsb.object({
|
|
16
|
+
application: bsb.string({ description: 'Bound application name' }),
|
|
17
|
+
group: bsb.string({ description: 'Bound service group name' }),
|
|
18
|
+
profile: bsb.string({ description: 'Bound deployment profile name' }),
|
|
19
|
+
version: bsb.int32({ min: 1, description: 'Active config version' }),
|
|
20
|
+
config: bsb.unknown('Resolved BSB runtime config object'),
|
|
21
|
+
}, 'Resolved runtime config response');
|
|
22
|
+
export const EventSchemas = createEventSchemas({
|
|
23
|
+
onReturnableEvents: {
|
|
24
|
+
'vault.runtime.resolve': createReturnableEvent(bsb.object({
|
|
25
|
+
keyId: bsb.string({ min: 1, description: 'Vault runtime API key id' }),
|
|
26
|
+
secret: bsb.string({ min: 1, description: 'Vault runtime API secret' }),
|
|
27
|
+
}, 'Vault runtime config resolve request'), RuntimeConfigResponse, 'Resolve latest active BSB config for a runtime API key'),
|
|
28
|
+
},
|
|
29
|
+
});
|
|
30
|
+
export const Config = createConfigSchema({
|
|
31
|
+
name: 'Vault',
|
|
32
|
+
description: 'Secure BSB managed configuration service with Postgres, admin UI, plugin catalog, and runtime API keys',
|
|
33
|
+
image: '../../../docs/public/assets/images/bsb-logo.png',
|
|
34
|
+
tags: ['vault', 'config', 'security', 'postgres', 'h3', 'admin-ui'],
|
|
35
|
+
documentation: ['./docs/service-config-vault.md'],
|
|
36
|
+
}, VaultServiceConfigSchema);
|
|
37
|
+
export class Plugin extends BSBService {
|
|
38
|
+
static Config = Config;
|
|
39
|
+
static EventSchemas = EventSchemas;
|
|
40
|
+
initBeforePlugins;
|
|
41
|
+
initAfterPlugins;
|
|
42
|
+
runBeforePlugins;
|
|
43
|
+
runAfterPlugins;
|
|
44
|
+
setupCode;
|
|
45
|
+
store;
|
|
46
|
+
vault;
|
|
47
|
+
httpServer;
|
|
48
|
+
constructor(config) {
|
|
49
|
+
super({
|
|
50
|
+
...config,
|
|
51
|
+
eventSchemas: EventSchemas,
|
|
52
|
+
});
|
|
53
|
+
this.setupCode = newToken(18);
|
|
54
|
+
this.store = new VaultStore(this.config.databaseUrl);
|
|
55
|
+
this.vault = new VaultService({
|
|
56
|
+
store: this.store,
|
|
57
|
+
masterKey: loadMasterKey(this.config.masterKey),
|
|
58
|
+
setupCode: this.setupCode,
|
|
59
|
+
});
|
|
60
|
+
}
|
|
61
|
+
async init(obs) {
|
|
62
|
+
obs.log.info('Initializing Vault service');
|
|
63
|
+
await this.store.init();
|
|
64
|
+
if (await this.vault.setupRequired()) {
|
|
65
|
+
obs.log.warn('Vault first admin setup required. Setup code: {setupCode}', {
|
|
66
|
+
setupCode: this.setupCode,
|
|
67
|
+
});
|
|
68
|
+
}
|
|
69
|
+
await this.events.onReturnableEvent('vault.runtime.resolve', obs, async (eventObs, payload) => {
|
|
70
|
+
return this.vault.resolveRuntimeConfig(payload.keyId, payload.secret, eventObs);
|
|
71
|
+
});
|
|
72
|
+
this.httpServer = new VaultHttpServer({
|
|
73
|
+
host: this.config.host,
|
|
74
|
+
port: this.config.port,
|
|
75
|
+
publicUrl: this.config.publicUrl,
|
|
76
|
+
production: this.config.production,
|
|
77
|
+
obs,
|
|
78
|
+
vault: this.vault,
|
|
79
|
+
});
|
|
80
|
+
}
|
|
81
|
+
async run(obs) {
|
|
82
|
+
if (!this.httpServer)
|
|
83
|
+
throw new Error('Vault HTTP server was not initialized');
|
|
84
|
+
await this.httpServer.start();
|
|
85
|
+
obs.log.info('Vault admin UI/API started on {host}:{port}', {
|
|
86
|
+
host: this.config.host,
|
|
87
|
+
port: this.config.port,
|
|
88
|
+
});
|
|
89
|
+
}
|
|
90
|
+
async dispose() {
|
|
91
|
+
await this.httpServer?.stop();
|
|
92
|
+
await this.store.close();
|
|
93
|
+
}
|
|
94
|
+
}
|
|
95
|
+
//# sourceMappingURL=index.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/plugins/service-config-vault/index.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,MAAM,SAAS,CAAC;AAC9B,OAAO,EACL,UAAU,EAGV,GAAG,EACH,kBAAkB,EAClB,kBAAkB,EAClB,qBAAqB,GACtB,MAAM,WAAW,CAAC;AACnB,OAAO,EAAE,aAAa,EAAE,QAAQ,EAAE,MAAM,aAAa,CAAC;AACtD,OAAO,EAAE,eAAe,EAAE,MAAM,kBAAkB,CAAC;AACnD,OAAO,EAAE,UAAU,EAAE,MAAM,YAAY,CAAC;AACxC,OAAO,EAAE,YAAY,EAAE,MAAM,YAAY,CAAC;AAE1C,MAAM,CAAC,MAAM,wBAAwB,GAAG,EAAE,CAAC,MAAM,CAAC;IAChD,IAAI,EAAE,EAAE,CAAC,MAAM,EAAE,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC,QAAQ,CAAC,gBAAgB,CAAC;IAC/D,IAAI,EAAE,EAAE,CAAC,KAAK,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,QAAQ,CAAC,sCAAsC,CAAC;IACjG,SAAS,EAAE,EAAE,CAAC,MAAM,EAAE,CAAC,OAAO,CAAC,uBAAuB,CAAC,CAAC,QAAQ,CAAC,+CAA+C,CAAC;IACjH,UAAU,EAAE,EAAE,CAAC,IAAI,EAAE,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,QAAQ,CAAC,0CAA0C,CAAC;IACzF,WAAW,EAAE,EAAE,CAAC,MAAM,EAAE,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,4BAA4B,CAAC;IAC5E,SAAS,EAAE,EAAE,CAAC,MAAM,EAAE,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,yCAAyC,CAAC;CACxF,CAAC,CAAC,QAAQ,CAAC,6BAA6B,CAAC,CAAC;AAI3C,MAAM,qBAAqB,GAAG,GAAG,CAAC,MAAM,CAAC;IACvC,WAAW,EAAE,GAAG,CAAC,MAAM,CAAC,EAAE,WAAW,EAAE,wBAAwB,EAAE,CAAC;IAClE,KAAK,EAAE,GAAG,CAAC,MAAM,CAAC,EAAE,WAAW,EAAE,0BAA0B,EAAE,CAAC;IAC9D,OAAO,EAAE,GAAG,CAAC,MAAM,CAAC,EAAE,WAAW,EAAE,+BAA+B,EAAE,CAAC;IACrE,OAAO,EAAE,GAAG,CAAC,KAAK,CAAC,EAAE,GAAG,EAAE,CAAC,EAAE,WAAW,EAAE,uBAAuB,EAAE,CAAC;IACpE,MAAM,EAAE,GAAG,CAAC,OAAO,CAAC,oCAAoC,CAAC;CAC1D,EAAE,kCAAkC,CAAC,CAAC;AAEvC,MAAM,CAAC,MAAM,YAAY,GAAG,kBAAkB,CAAC;IAC7C,kBAAkB,EAAE;QAClB,uBAAuB,EAAE,qBAAqB,CAC5C,GAAG,CAAC,MAAM,CAAC;YACT,KAAK,EAAE,GAAG,CAAC,MAAM,CAAC,EAAE,GAAG,EAAE,CAAC,EAAE,WAAW,EAAE,0BAA0B,EAAE,CAAC;YACtE,MAAM,EAAE,GAAG,CAAC,MAAM,CAAC,EAAE,GAAG,EAAE,CAAC,EAAE,WAAW,EAAE,0BAA0B,EAAE,CAAC;SACxE,EAAE,sCAAsC,CAAC,EAC1C,qBAAqB,EACrB,wDAAwD,CACzD;KACF;CACF,CAAC,CAAC;AAEH,MAAM,CAAC,MAAM,MAAM,GAAG,kBAAkB,CACtC;IACE,IAAI,EAAE,OAAO;IACb,WAAW,EAAE,wGAAwG;IACrH,KAAK,EAAE,iDAAiD;IACxD,IAAI,EAAE,CAAC,OAAO,EAAE,QAAQ,EAAE,UAAU,EAAE,UAAU,EAAE,IAAI,EAAE,UAAU,CAAC;IACnE,aAAa,EAAE,CAAC,gCAAgC,CAAC;CAClD,EACD,wBAAwB,CACzB,CAAC;AAEF,MAAM,OAAO,MAAO,SAAQ,UAA4D;IACtF,MAAM,CAAC,MAAM,GAAG,MAAM,CAAC;IACvB,MAAM,CAAC,YAAY,GAAG,YAAY,CAAC;IAEnB,iBAAiB,CAAwB;IACzC,gBAAgB,CAAwB;IACxC,gBAAgB,CAAwB;IACxC,eAAe,CAAwB;IAEtC,SAAS,CAAS;IAClB,KAAK,CAAa;IAClB,KAAK,CAAe;IAC7B,UAAU,CAAmB;IAErC,YAAY,MAA+E;QACzF,KAAK,CAAC;YACJ,GAAG,MAAM;YACT,YAAY,EAAE,YAAY;SAC3B,CAAC,CAAC;QAEH,IAAI,CAAC,SAAS,GAAG,QAAQ,CAAC,EAAE,CAAC,CAAC;QAC9B,IAAI,CAAC,KAAK,GAAG,IAAI,UAAU,CAAC,IAAI,CAAC,MAAM,CAAC,WAAW,CAAC,CAAC;QACrD,IAAI,CAAC,KAAK,GAAG,IAAI,YAAY,CAAC;YAC5B,KAAK,EAAE,IAAI,CAAC,KAAK;YACjB,SAAS,EAAE,aAAa,CAAC,IAAI,CAAC,MAAM,CAAC,SAAS,CAAC;YAC/C,SAAS,EAAE,IAAI,CAAC,SAAS;SAC1B,CAAC,CAAC;IACL,CAAC;IAED,KAAK,CAAC,IAAI,CAAC,GAAe;QACxB,GAAG,CAAC,GAAG,CAAC,IAAI,CAAC,4BAA4B,CAAC,CAAC;QAC3C,MAAM,IAAI,CAAC,KAAK,CAAC,IAAI,EAAE,CAAC;QACxB,IAAI,MAAM,IAAI,CAAC,KAAK,CAAC,aAAa,EAAE,EAAE,CAAC;YACrC,GAAG,CAAC,GAAG,CAAC,IAAI,CAAC,2DAA2D,EAAE;gBACxE,SAAS,EAAE,IAAI,CAAC,SAAS;aAC1B,CAAC,CAAC;QACL,CAAC;QACD,MAAM,IAAI,CAAC,MAAM,CAAC,iBAAiB,CAAC,uBAAuB,EAAE,GAAG,EAAE,KAAK,EAAE,QAAQ,EAAE,OAAO,EAAE,EAAE;YAC5F,OAAO,IAAI,CAAC,KAAK,CAAC,oBAAoB,CAAC,OAAO,CAAC,KAAK,EAAE,OAAO,CAAC,MAAM,EAAE,QAAQ,CAAC,CAAC;QAClF,CAAC,CAAC,CAAC;QACH,IAAI,CAAC,UAAU,GAAG,IAAI,eAAe,CAAC;YACpC,IAAI,EAAE,IAAI,CAAC,MAAM,CAAC,IAAI;YACtB,IAAI,EAAE,IAAI,CAAC,MAAM,CAAC,IAAI;YACtB,SAAS,EAAE,IAAI,CAAC,MAAM,CAAC,SAAS;YAChC,UAAU,EAAE,IAAI,CAAC,MAAM,CAAC,UAAU;YAClC,GAAG;YACH,KAAK,EAAE,IAAI,CAAC,KAAK;SAClB,CAAC,CAAC;IACL,CAAC;IAED,KAAK,CAAC,GAAG,CAAC,GAAe;QACvB,IAAI,CAAC,IAAI,CAAC,UAAU;YAAE,MAAM,IAAI,KAAK,CAAC,uCAAuC,CAAC,CAAC;QAC/E,MAAM,IAAI,CAAC,UAAU,CAAC,KAAK,EAAE,CAAC;QAC9B,GAAG,CAAC,GAAG,CAAC,IAAI,CAAC,6CAA6C,EAAE;YAC1D,IAAI,EAAE,IAAI,CAAC,MAAM,CAAC,IAAI;YACtB,IAAI,EAAE,IAAI,CAAC,MAAM,CAAC,IAAI;SACvB,CAAC,CAAC;IACL,CAAC;IAED,KAAK,CAAC,OAAO;QACX,MAAM,IAAI,CAAC,UAAU,EAAE,IAAI,EAAE,CAAC;QAC9B,MAAM,IAAI,CAAC,KAAK,CAAC,KAAK,EAAE,CAAC;IAC3B,CAAC"}
|
|
@@ -0,0 +1,9 @@
|
|
|
1
|
+
export interface PasskeyVerifier {
|
|
2
|
+
verifyRegistration(credential: Record<string, unknown>): Promise<Record<string, unknown>>;
|
|
3
|
+
verifyAuthentication(credential: Record<string, unknown>, storedPublicKey: Record<string, unknown>): Promise<boolean>;
|
|
4
|
+
}
|
|
5
|
+
export declare class JsonPasskeyVerifier implements PasskeyVerifier {
|
|
6
|
+
verifyRegistration(credential: Record<string, unknown>): Promise<Record<string, unknown>>;
|
|
7
|
+
verifyAuthentication(credential: Record<string, unknown>, storedPublicKey: Record<string, unknown>): Promise<boolean>;
|
|
8
|
+
}
|
|
9
|
+
//# sourceMappingURL=passkeys.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"passkeys.d.ts","sourceRoot":"","sources":["../../../src/plugins/service-config-vault/passkeys.ts"],"names":[],"mappings":"AAAA,MAAM,WAAW,eAAe;IAC9B,kBAAkB,CAAC,UAAU,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,OAAO,CAAC,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC,CAAC;IAC1F,oBAAoB,CAAC,UAAU,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,EAAE,eAAe,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,OAAO,CAAC,OAAO,CAAC,CAAC;CACvH;AAED,qBAAa,mBAAoB,YAAW,eAAe;IACnD,kBAAkB,CAAC,UAAU,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,OAAO,CAAC,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IAOzF,oBAAoB,CAAC,UAAU,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,EAAE,eAAe,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,OAAO,CAAC,OAAO,CAAC;CAG5H"}
|
|
@@ -0,0 +1,12 @@
|
|
|
1
|
+
export class JsonPasskeyVerifier {
|
|
2
|
+
async verifyRegistration(credential) {
|
|
3
|
+
if (typeof credential.id !== 'string' || credential.id.length < 8) {
|
|
4
|
+
throw new Error('Invalid passkey credential');
|
|
5
|
+
}
|
|
6
|
+
return credential;
|
|
7
|
+
}
|
|
8
|
+
async verifyAuthentication(credential, storedPublicKey) {
|
|
9
|
+
return typeof credential.id === 'string' && credential.id === storedPublicKey.id;
|
|
10
|
+
}
|
|
11
|
+
}
|
|
12
|
+
//# sourceMappingURL=passkeys.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"passkeys.js","sourceRoot":"","sources":["../../../src/plugins/service-config-vault/passkeys.ts"],"names":[],"mappings":"AAKA,MAAM,OAAO,mBAAmB;IAC9B,KAAK,CAAC,kBAAkB,CAAC,UAAmC;QAC1D,IAAI,OAAO,UAAU,CAAC,EAAE,KAAK,QAAQ,IAAI,UAAU,CAAC,EAAE,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YAClE,MAAM,IAAI,KAAK,CAAC,4BAA4B,CAAC,CAAC;QAChD,CAAC;QACD,OAAO,UAAU,CAAC;IACpB,CAAC;IAED,KAAK,CAAC,oBAAoB,CAAC,UAAmC,EAAE,eAAwC;QACtG,OAAO,OAAO,UAAU,CAAC,EAAE,KAAK,QAAQ,IAAI,UAAU,CAAC,EAAE,KAAK,eAAe,CAAC,EAAE,CAAC;IACnF,CAAC;CACF"}
|
|
@@ -0,0 +1,42 @@
|
|
|
1
|
+
import type { ApplicationRecord, AuditRecord, ConfigDraftRecord, ConfigVersionRecord, GroupRecord, PasskeyRecord, PluginCatalogRecord, ProfileRecord, RuntimeKeyRecord, SessionRecord, UserRecord } from './types.js';
|
|
2
|
+
export declare class VaultStore {
|
|
3
|
+
private readonly pool;
|
|
4
|
+
constructor(databaseUrl: string);
|
|
5
|
+
close(): Promise<void>;
|
|
6
|
+
init(): Promise<void>;
|
|
7
|
+
countAdmins(): Promise<number>;
|
|
8
|
+
createUser(user: UserRecord): Promise<void>;
|
|
9
|
+
getUserByEmail(email: string): Promise<UserRecord | null>;
|
|
10
|
+
getUser(id: string): Promise<UserRecord | null>;
|
|
11
|
+
createPasskey(passkey: PasskeyRecord): Promise<void>;
|
|
12
|
+
listPasskeys(userId: string): Promise<PasskeyRecord[]>;
|
|
13
|
+
createSession(session: SessionRecord): Promise<void>;
|
|
14
|
+
getSession(id: string): Promise<SessionRecord | null>;
|
|
15
|
+
deleteSession(id: string): Promise<void>;
|
|
16
|
+
createApplication(record: ApplicationRecord): Promise<void>;
|
|
17
|
+
listApplications(): Promise<ApplicationRecord[]>;
|
|
18
|
+
createGroup(record: GroupRecord): Promise<void>;
|
|
19
|
+
listGroups(applicationId: string): Promise<GroupRecord[]>;
|
|
20
|
+
createProfile(record: ProfileRecord): Promise<void>;
|
|
21
|
+
getProfile(id: string): Promise<ProfileRecord | null>;
|
|
22
|
+
listProfiles(groupId: string): Promise<ProfileRecord[]>;
|
|
23
|
+
createPlugin(record: PluginCatalogRecord): Promise<void>;
|
|
24
|
+
listPlugins(): Promise<PluginCatalogRecord[]>;
|
|
25
|
+
upsertDraft(record: ConfigDraftRecord): Promise<void>;
|
|
26
|
+
getDraft(profileId: string): Promise<ConfigDraftRecord | null>;
|
|
27
|
+
createVersion(record: ConfigVersionRecord): Promise<void>;
|
|
28
|
+
nextVersion(profileId: string): Promise<number>;
|
|
29
|
+
getVersion(id: string): Promise<ConfigVersionRecord | null>;
|
|
30
|
+
createRuntimeKey(record: RuntimeKeyRecord): Promise<void>;
|
|
31
|
+
getRuntimeKey(id: string): Promise<RuntimeKeyRecord | null>;
|
|
32
|
+
listRuntimeKeys(profileId?: string): Promise<RuntimeKeyRecord[]>;
|
|
33
|
+
revokeRuntimeKey(id: string): Promise<void>;
|
|
34
|
+
resolveRuntimeBinding(keyId: string): Promise<{
|
|
35
|
+
key: RuntimeKeyRecord;
|
|
36
|
+
application: ApplicationRecord;
|
|
37
|
+
group: GroupRecord;
|
|
38
|
+
profile: ProfileRecord;
|
|
39
|
+
} | null>;
|
|
40
|
+
audit(record: AuditRecord): Promise<void>;
|
|
41
|
+
}
|
|
42
|
+
//# sourceMappingURL=store.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"store.d.ts","sourceRoot":"","sources":["../../../src/plugins/service-config-vault/store.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EACV,iBAAiB,EACjB,WAAW,EACX,iBAAiB,EACjB,mBAAmB,EACnB,WAAW,EACX,aAAa,EACb,mBAAmB,EACnB,aAAa,EACb,gBAAgB,EAChB,aAAa,EACb,UAAU,EACX,MAAM,YAAY,CAAC;AAEpB,qBAAa,UAAU;IACrB,OAAO,CAAC,QAAQ,CAAC,IAAI,CAAO;gBAEhB,WAAW,EAAE,MAAM;IAIzB,KAAK,IAAI,OAAO,CAAC,IAAI,CAAC;IAItB,IAAI,IAAI,OAAO,CAAC,IAAI,CAAC;IAyGrB,WAAW,IAAI,OAAO,CAAC,MAAM,CAAC;IAK9B,UAAU,CAAC,IAAI,EAAE,UAAU,GAAG,OAAO,CAAC,IAAI,CAAC;IAQ3C,cAAc,CAAC,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC,UAAU,GAAG,IAAI,CAAC;IAKzD,OAAO,CAAC,EAAE,EAAE,MAAM,GAAG,OAAO,CAAC,UAAU,GAAG,IAAI,CAAC;IAK/C,aAAa,CAAC,OAAO,EAAE,aAAa,GAAG,OAAO,CAAC,IAAI,CAAC;IAQpD,YAAY,CAAC,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC,aAAa,EAAE,CAAC;IAKtD,aAAa,CAAC,OAAO,EAAE,aAAa,GAAG,OAAO,CAAC,IAAI,CAAC;IAOpD,UAAU,CAAC,EAAE,EAAE,MAAM,GAAG,OAAO,CAAC,aAAa,GAAG,IAAI,CAAC;IAKrD,aAAa,CAAC,EAAE,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAIxC,iBAAiB,CAAC,MAAM,EAAE,iBAAiB,GAAG,OAAO,CAAC,IAAI,CAAC;IAO3D,gBAAgB,IAAI,OAAO,CAAC,iBAAiB,EAAE,CAAC;IAKhD,WAAW,CAAC,MAAM,EAAE,WAAW,GAAG,OAAO,CAAC,IAAI,CAAC;IAO/C,UAAU,CAAC,aAAa,EAAE,MAAM,GAAG,OAAO,CAAC,WAAW,EAAE,CAAC;IAKzD,aAAa,CAAC,MAAM,EAAE,aAAa,GAAG,OAAO,CAAC,IAAI,CAAC;IAOnD,UAAU,CAAC,EAAE,EAAE,MAAM,GAAG,OAAO,CAAC,aAAa,GAAG,IAAI,CAAC;IAKrD,YAAY,CAAC,OAAO,EAAE,MAAM,GAAG,OAAO,CAAC,aAAa,EAAE,CAAC;IAKvD,YAAY,CAAC,MAAM,EAAE,mBAAmB,GAAG,OAAO,CAAC,IAAI,CAAC;IAqBxD,WAAW,IAAI,OAAO,CAAC,mBAAmB,EAAE,CAAC;IAK7C,WAAW,CAAC,MAAM,EAAE,iBAAiB,GAAG,OAAO,CAAC,IAAI,CAAC;IAcrD,QAAQ,CAAC,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,iBAAiB,GAAG,IAAI,CAAC;IAK9D,aAAa,CAAC,MAAM,EAAE,mBAAmB,GAAG,OAAO,CAAC,IAAI,CAAC;IAoBzD,WAAW,CAAC,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC;IAQ/C,UAAU,CAAC,EAAE,EAAE,MAAM,GAAG,OAAO,CAAC,mBAAmB,GAAG,IAAI,CAAC;IAK3D,gBAAgB,CAAC,MAAM,EAAE,gBAAgB,GAAG,OAAO,CAAC,IAAI,CAAC;IAoBzD,aAAa,CAAC,EAAE,EAAE,MAAM,GAAG,OAAO,CAAC,gBAAgB,GAAG,IAAI,CAAC;IAK3D,eAAe,CAAC,SAAS,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,gBAAgB,EAAE,CAAC;IAOhE,gBAAgB,CAAC,EAAE,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAI3C,qBAAqB,CAAC,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC;QAClD,GAAG,EAAE,gBAAgB,CAAC;QACtB,WAAW,EAAE,iBAAiB,CAAC;QAC/B,KAAK,EAAE,WAAW,CAAC;QACnB,OAAO,EAAE,aAAa,CAAC;KACxB,GAAG,IAAI,CAAC;IAwBH,KAAK,CAAC,MAAM,EAAE,WAAW,GAAG,OAAO,CAAC,IAAI,CAAC;CAMhD"}
|